Report - aide-client.skoa.li/app/

Report Overview

Submitted URL
aide-client.skoa.li/app/
IP
2.56.247.11
ASN
#0
Submitted
2023-02-09 03:03:40
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
34

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
aide-client.skoa.li	unknown	2023-02-08T15:12:36Z	2023-02-09T03:03:00Z	8.6 kB	223 kB	2.56.247.11
rawgit.com	52214	2014-10-08T16:24:39Z	2023-03-13T08:01:53Z	415 B	1.0 kB	188.114.97.1
zerossl.ocsp.sectigo.com	4049	2020-05-09T21:05:29Z	2023-03-13T05:14:15Z	348 B	1.2 kB	172.64.155.188
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	1.4 kB	2.8 kB	216.58.211.3
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	524 B	18 kB	142.250.74.35
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	51 kB	34.120.237.76
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.7 kB	7.1 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	54.184.253.181
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	682 B	1.2 kB	93.184.220.29
www.impots.gouv.fr	309898	2012-05-22T21:51:58Z	2023-03-13T05:39:44Z	858 B	1.2 kB	152.199.19.61
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	415 B	630 B	142.250.74.74
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
code.jquery.com	634	2012-05-21T19:28:02Z	2023-03-13T05:09:57Z	371 B	84 kB	69.16.175.42

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-02-08	medium	aide-client.skoa.li/app/	DGI (French Tax Authority)

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-09	medium	aide-client.skoa.li/app/	Phishing
2023-02-09	medium	aide-client.skoa.li/app/templates/js/dyn/urls.js	Phishing
2023-02-09	medium	aide-client.skoa.li/app/templates/js/dyn/configuration.js	Phishing
2023-02-09	medium	aide-client.skoa.li/app/pages/1.php	Phishing
2023-02-09	medium	aide-client.skoa.li/app/main.js	Phishing
2023-02-09	medium	aide-client.skoa.li/app/templates/images/spi.svg	Phishing
2023-02-09	medium	aide-client.skoa.li/app/templates/images/spi1.svg	Phishing
2023-02-09	medium	aide-client.skoa.li/app/templates/images/num_acces.svg	Phishing
2023-02-09	medium	aide-client.skoa.li/app/templates/images/rfr.svg	Phishing
2023-02-09	medium	aide-client.skoa.li/app/templates/polices/glyphicons-halflings-regular.woff2	Phishing
2023-02-09	medium	aide-client.skoa.li/app/templates/polices/dgfip_dgfipicons.woff	Phishing
2023-02-09	medium	aide-client.skoa.li/app/templates/images/logo.svg	Phishing
2023-02-09	medium	aide-client.skoa.li/app/templates/js/dyn/idContact.js	Phishing
2023-02-09	medium	aide-client.skoa.li/app/templates/js/dyn/messages.js	Phishing
2023-02-09	medium	aide-client.skoa.li/app/templates/js/bootstrap.min.js	Phishing
2023-02-09	medium	aide-client.skoa.li/app/templates/js/dyn/auth2019v3.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (12)

	URL	Size	First Seen	Last Seen
	aide-client.skoa.li/app/main.js	7.2 kB	2023-03-07	2023-10-17
Pretty URL aide-client.skoa.li/app/main.js IP 2.56.247.11 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:58:12 Last Seen2023-10-17 13:18:18 Times Seen9 Hash bb64b6543ce2af8a9437e3d7e71e51a6 afa0a8ff9d6d221dd3cd225ac7453baea7a4afac 61b2b16f74650053149cce0b8e315be1073a87122af7873fdd7333ada0a989da Loading...

	rawgit.com/RobinHerbots/jquery.inputmask/3.x/dist/jquery.inputmask.bundle.js	219 kB	2023-03-07	2024-04-13
Pretty URL rawgit.com/RobinHerbots/jquery.inputmask/3.x/dist/jquery.inputmask.bundle.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:59 Last Seen2024-04-13 21:22:22 Times Seen405 Hash 4b7ba41ac3e6a3c03c0d08f34a4b9f42 5285169a52b91ef77c9d7bee98c46aeaa4c4446e 5cbeb9095648444ae26ad665785931d937a10bc83b78f2cf51eaefea0dc0ec21 Loading...

	aide-client.skoa.li/app/	20 B	2023-03-07	2024-01-03
Pretty URL aide-client.skoa.li/app/ IP 2.56.247.11 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:15 Last Seen2024-01-03 13:37:49 Times Seen3 Hash 0270456c8ab4795d903442ae7220c932 61ad8bdccb0583c5906ef02826a63314edbd9353 b009876e58373af6151fa21432bd27308aff8e3531b40a082e06100680c51d6d Loading...

	aide-client.skoa.li/app/	21 B	2023-03-07	2024-01-03
Pretty URL aide-client.skoa.li/app/ IP 2.56.247.11 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:15 Last Seen2024-01-03 13:37:49 Times Seen5 Hash 586020ce13b31e74d2e9723762679b3d 7b1ddb3c946c243b2738874d124f014ea294d274 877b3e6bfbfae537343086658078a1d0efe6479318e5d1ff1db3ca66d06f917b Loading...

	code.jquery.com/jquery-1.11.0.js	283 kB	2023-03-07	2024-04-13
Pretty URL code.jquery.com/jquery-1.11.0.js IP 69.16.175.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:15 Last Seen2024-04-13 07:33:13 Times Seen242 Hash 3b80424646a7ecdb19273d86800c1ac0 6945741107601d402c70a13ce46eb72fd1168bc8 ce0343e1d6f489768eeefe022c12181c6a0822e756239851310acf076d23d10c Loading...

	aide-client.skoa.li/app/templates/js/bootstrap.min.js	33 kB	2023-03-07	2024-04-13
Pretty URL aide-client.skoa.li/app/templates/js/bootstrap.min.js IP 2.56.247.11 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:15 Last Seen2024-04-13 07:33:13 Times Seen56 Hash 0d17dfbd7c0b92dc67005aa26f08f720 5fb4916587aeec801f67da4489dc0451faf2fd05 48c7e41ca5bfbc80c081f43bf39f3c76faff5160bd22640113c5c5a47afb63b7 Loading...

	aide-client.skoa.li/app/templates/js/dyn/auth2019v3.js	78 kB	2023-03-07	2024-04-13
Pretty URL aide-client.skoa.li/app/templates/js/dyn/auth2019v3.js IP 2.56.247.11 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:15 Last Seen2024-04-13 07:33:13 Times Seen44 Hash acfc5bd604d384ccb5e265a42d429f9e ff6d201ccd091d2d2097c6de943febc356cded67 b3d15497f2d9fbfa63d5d4facdce9dffca737dcd782c2a04ed6a2a82ae1230a3 Loading...

	aide-client.skoa.li/app/templates/js/dyn/messages.js	11 kB	2023-03-07	2023-04-01
Pretty URL aide-client.skoa.li/app/templates/js/dyn/messages.js IP 2.56.247.11 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:15 Last Seen2023-04-01 10:34:42 Times Seen4 Hash 742c71b35c1e453aad66c676697733c3 fdf1a015f8555588e6c80b6280f34b15218ab570 6e424611470a9c711d1833d3a71cbb0abc81b7729f8bfc8eb78e5f95b455a0c8 Loading...

	aide-client.skoa.li/app/	20 B	2023-03-07	2024-01-03
Pretty URL aide-client.skoa.li/app/ IP 2.56.247.11 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:58:12 Last Seen2024-01-03 13:37:49 Times Seen5 Hash b82cd80b2a26c84032af2bf78dbab9fd d30de73c9fcc824eca933b36bdbed024ac9fbafd 6f51a7355af838631af72ba4dec33213bbf887b7375f7a3af7a28a418d6a9619 Loading...

	aide-client.skoa.li/app/templates/js/dyn/idContact.js	2.2 kB	2023-03-07	2024-04-13
Pretty URL aide-client.skoa.li/app/templates/js/dyn/idContact.js IP 2.56.247.11 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:15 Last Seen2024-04-13 07:33:12 Times Seen29 Hash ce46ba6813c283e2b87bbbc0c3f4a2af bd0c8e1114b4c2a39975d1ca994ca5666b01b233 98f81289f9dd38dd34c13ea92845b3715baf8f4f5c9879fca3ede459546485a6 Loading...

	aide-client.skoa.li/app/templates/js/dyn/urls.js	583 B	2023-03-07	2024-04-13
Pretty URL aide-client.skoa.li/app/templates/js/dyn/urls.js IP 2.56.247.11 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:15 Last Seen2024-04-13 07:33:13 Times Seen47 Hash da690b92c51c6c3bb77cd7627d5d9069 d8d1cfc3764d56275f60a528f49231300f3bcdad 5c3251a96cef21959f31e013b826cc2d1aeed28d4c874160258fed75e7abfc48 Loading...

	aide-client.skoa.li/app/templates/js/dyn/configuration.js	961 B	2023-03-07	2024-04-13
Pretty URL aide-client.skoa.li/app/templates/js/dyn/configuration.js IP 2.56.247.11 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:15 Last Seen2024-04-13 07:33:13 Times Seen48 Hash b3f715665510437ceaae40ff81db78d2 efe2192df8143a9e3b1da5fb15572286ec81cb00 a78d88f8387bb6e43df45752c8788685035835000de7f1984c9e11368f5c0c82 Loading...

HTTP Transactions (52)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dca68db7aea32f6683ce8d542c078f04
19c495238df74fca680e21f18627ff94de5dd2e5
35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5242
Expires: Thu, 09 Feb 2023 04:30:52 GMT
Date: Thu, 09 Feb 2023 03:03:30 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13134
Expires: Thu, 09 Feb 2023 06:42:24 GMT
Date: Thu, 09 Feb 2023 03:03:30 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14722
Expires: Thu, 09 Feb 2023 07:08:52 GMT
Date: Thu, 09 Feb 2023 03:03:30 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 09 Feb 2023 02:34:15 GMT
content-type: application/json
age: 1755
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: pzwW4hGb4ERd1E6v/4i338AwmvYOuVZgV0MM3p1fWI9Qto/bWReYManT6dcQyB4/WmBcjaff+aM=
x-amz-request-id: NA5JGBXKDDQY7RC2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 09 Feb 2023 02:46:12 GMT
age: 1038
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

zerossl.ocsp.sectigo.com/

172.64.155.188

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
9967921a864fb20b8bd0c9241fa37248
fc09160b0875e1bcefef90f99edc418af1214549
9866bc0787afcd311ac06a1b3696eb7cd40046ee6e5a4635a7cf6e1592ede979

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 03:03:30 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Wed, 08 Feb 2023 13:18:48 GMT
Expires: Wed, 15 Feb 2023 13:18:47 GMT
Etag: "fc09160b0875e1bcefef90f99edc418af1214549"
Cache-Control: max-age=554716,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79695f4e5878b515-OSL

aide-client.skoa.li/app/

2.56.247.11

200 OK

721 B

URL HTTP/2
aide-client.skoa.li/app/
IP
2.56.247.11:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
721 B (721 bytes)
Hash
282b2672eadcdc94659939710d88399f
c25a30ab804bea0e9affc85c2a0d806f0abb7a64
ad1c3225e21fa276857ab2448212a5773f0e5dbb0fa00fbf218f386127789074

Detections

Analyzer	Verdict	Alert
openphish	DGI (French Tax Authority)
fortinet	Phishing

HTTP Headers

GET /app/ HTTP/1.1
Host: aide-client.skoa.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:03:30 GMT
content-type: text/html; charset=UTF-8
content-length: 721
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PHP/8.1.15, PleskLin
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:03:30 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

code.jquery.com/jquery-1.11.0.js

69.16.175.42

200 OK

84 kB

URL HTTP/2
code.jquery.com/jquery-1.11.0.js
IP
69.16.175.42:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text
Size
84 kB (83550 bytes)
Hash
676091afc9b9381becb40be05d63a5e4
ebf13c953bad020fb909f32bb707390d97814d28
5fa63db8c80bca493c1d17e4bedee847414ce8e6fccdf2403f60be72d1a56f04

HTTP Headers

GET /jquery-1.11.0.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aide-client.skoa.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 09 Feb 2023 03:03:30 GMT
content-encoding: gzip
content-length: 83550
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-45140"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1675911810.dop001.sk1.t,1675911810.cds071.sk1.hn,1675911810.cds247.sk1.c
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
42756c0edf391c8e3e2ba840dd63056e
5c2f5137f11a047c8a090ea0af3d3fc7e9bb5a72
9da1c92cd7eb37ac085855e6efdee00be9eb1cdb82102b373f02e43c53f50d54

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 188
Cache-Control: max-age=141175
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 03:03:30 GMT
Etag: "63e3e63d-116"
Expires: Fri, 10 Feb 2023 18:16:25 GMT
Last-Modified: Wed, 08 Feb 2023 18:13:17 GMT
Server: ECS (amb/6B71)
X-Cache: HIT
Content-Length: 278

aide-client.skoa.li/app/templates/styles/dac.css

2.56.247.11

200 OK

446 B

URL HTTP/2
aide-client.skoa.li/app/templates/styles/dac.css
IP
2.56.247.11:0
ASN
#0

File type
ASCII text, with CRLF line terminators
Size
446 B (446 bytes)
Hash
95d07ea23208b6db55aee86bc3f3a47f
2c14a9d124ea42bb4e0a27ca7cc673fcf53049aa
89573ce7fffbad5626e48069c432dc0d5dbfb36bd7ddff110aebca8cb001d2f8

HTTP Headers

GET /app/templates/styles/dac.css HTTP/1.1
Host: aide-client.skoa.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aide-client.skoa.li/app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:03:30 GMT
content-type: text/css
content-length: 446
x-accel-version: 0.01
last-modified: Tue, 20 Jul 2021 14:15:02 GMT
etag: "339-5c78eadfee580-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

aide-client.skoa.li/app/templates/js/dyn/urls.js

2.56.247.11

200 OK

251 B

URL HTTP/2
aide-client.skoa.li/app/templates/js/dyn/urls.js
IP
2.56.247.11:0
ASN
#0

File type
ASCII text, with CRLF line terminators
Size
251 B (251 bytes)
Hash
ade33dadc60d719e0c90b79be85db297
f5c6f798944d79c1820e7b65727705e13ff3f21e
fa47d04be6ccb78c6a2f2dbdeae6547d544e4a7b8ad1080ea44ca133e1c37d08

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /app/templates/js/dyn/urls.js HTTP/1.1
Host: aide-client.skoa.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aide-client.skoa.li/app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:03:30 GMT
content-type: application/javascript
content-length: 251
x-accel-version: 0.01
last-modified: Tue, 20 Jul 2021 14:15:04 GMT
etag: "247-5c78eae1d6a00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

aide-client.skoa.li/app/templates/js/dyn/configuration.js

2.56.247.11

200 OK

475 B

URL HTTP/2
aide-client.skoa.li/app/templates/js/dyn/configuration.js
IP
2.56.247.11:0
ASN
#0

File type
ASCII text, with CRLF line terminators
Size
475 B (475 bytes)
Hash
a641f1f1801f8d6dbcb41e70052cd5c5
d97b1099cf3584fdb35200e26e08041bfa88cf43
20d8ec152ffcc4230d4fc888ce173f6b9623b75cef1c255d0831ad6fe4b38a93

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /app/templates/js/dyn/configuration.js HTTP/1.1
Host: aide-client.skoa.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aide-client.skoa.li/app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:03:30 GMT
content-type: application/javascript
content-length: 475
x-accel-version: 0.01
last-modified: Tue, 20 Jul 2021 14:15:04 GMT
etag: "3c1-5c78eae1d6a00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
42756c0edf391c8e3e2ba840dd63056e
5c2f5137f11a047c8a090ea0af3d3fc7e9bb5a72
9da1c92cd7eb37ac085855e6efdee00be9eb1cdb82102b373f02e43c53f50d54

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 188
Cache-Control: max-age=141175
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 03:03:30 GMT
Etag: "63e3e63d-116"
Expires: Fri, 10 Feb 2023 18:16:25 GMT
Last-Modified: Wed, 08 Feb 2023 18:13:17 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 278

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0333fa3e34f17f01e9829bd8ee662c23
be4c7a8599038facc49c73d6d14451023bc919e7
8b4ad992549334395b268f43cf73150ed0dfe58801cf9595c3e245ea92dea7d9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 03:03:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0333fa3e34f17f01e9829bd8ee662c23
be4c7a8599038facc49c73d6d14451023bc919e7
8b4ad992549334395b268f43cf73150ed0dfe58801cf9595c3e245ea92dea7d9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 03:03:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 09 Feb 2023 02:14:53 GMT
age: 2917
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

aide-client.skoa.li/app/pages/1.php

2.56.247.11

200 OK

4.4 kB

URL HTTP/2
aide-client.skoa.li/app/pages/1.php
IP
2.56.247.11:0
ASN
#0

File type
HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (342), with CRLF line terminators
Size
4.4 kB (4421 bytes)
Hash
e4a92a7b730dd01df616a828de8cca30
4d5a71734de7817a70551fabe268389832cccdb0
d7b676d6d6ee3e7dfb3ed7a7596a0b0d6ec4952887cfbbfe70d432f5836f3975

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /app/pages/1.php HTTP/1.1
Host: aide-client.skoa.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aide-client.skoa.li/app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:03:31 GMT
content-type: text/html; charset=UTF-8
content-length: 4421
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PHP/8.1.15, PleskLin
X-Firefox-Spdy: h2

aide-client.skoa.li/app/main.js

2.56.247.11

200 OK

16 kB

URL HTTP/2
aide-client.skoa.li/app/main.js
IP
2.56.247.11:0
ASN
#0

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
16 kB (15682 bytes)
Hash
8caa8950adee68974686964aedeabf42
df70191d75ebb4e55f86612c087d4738874a1d4a
4bf0a95f681d8d7a9a59b309a273dabbea31112e96ab9efab5dd4c1d08ed5d6f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /app/main.js HTTP/1.1
Host: aide-client.skoa.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aide-client.skoa.li/app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:03:30 GMT
content-type: application/javascript
last-modified: Thu, 05 May 2022 05:56:12 GMT
etag: W/"627366fc-1c0a"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

aide-client.skoa.li/app/templates/images/spi.svg

2.56.247.11

200 OK

5.7 kB

URL HTTP/2
aide-client.skoa.li/app/templates/images/spi.svg
IP
2.56.247.11:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
5.7 kB (5705 bytes)
Hash
5651c2ef64c1fc3459d18fbfd31f7cb4
30d7054e0a59513ec82158776bbb0444fdf0f146
1732b120fe27f868fa0cf234d443d80a4ad5a3cd80da35cc8489d5b4c9f26270

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /app/templates/images/spi.svg HTTP/1.1
Host: aide-client.skoa.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aide-client.skoa.li/app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:03:31 GMT
content-type: image/svg+xml
content-length: 5705
last-modified: Tue, 20 Jul 2021 14:15:06 GMT
etag: "60f6da6a-1649"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

aide-client.skoa.li/app/templates/images/spi1.svg

2.56.247.11

200 OK

4.0 kB

URL HTTP/2
aide-client.skoa.li/app/templates/images/spi1.svg
IP
2.56.247.11:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , Unicode text, UTF-8 text, with very long lines (4014), with no line terminators
Size
4.0 kB (4024 bytes)
Hash
9b3c39ed6edf582c7f571289b4dbc725
28abdf9efc2cf91ec83f48d29313de71198905c0
434c00e8f522092a173a70f7f6e95747cf8c2b75328bdf76c6ed1e4b2039cbbc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /app/templates/images/spi1.svg HTTP/1.1
Host: aide-client.skoa.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aide-client.skoa.li/app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:03:31 GMT
content-type: image/svg+xml
content-length: 4024
last-modified: Tue, 20 Jul 2021 14:15:06 GMT
etag: "60f6da6a-fb8"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 03:03:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

aide-client.skoa.li/app/templates/images/num_acces.svg

2.56.247.11

200 OK

6.6 kB

URL HTTP/2
aide-client.skoa.li/app/templates/images/num_acces.svg
IP
2.56.247.11:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
6.6 kB (6593 bytes)
Hash
1aa1768d6f6b9a88778925765f618d7e
11f826f9d7b56667defdca66b772db12746599aa
ab0d01d05c311a29506a3e1b0396c3e7016ca6b37eaa662403b3936789430a9c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /app/templates/images/num_acces.svg HTTP/1.1
Host: aide-client.skoa.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aide-client.skoa.li/app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:03:31 GMT
content-type: image/svg+xml
content-length: 6593
last-modified: Tue, 20 Jul 2021 14:15:06 GMT
etag: "60f6da6a-19c1"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

aide-client.skoa.li/app/templates/images/rfr.svg

2.56.247.11

200 OK

14 kB

URL HTTP/2
aide-client.skoa.li/app/templates/images/rfr.svg
IP
2.56.247.11:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
14 kB (13680 bytes)
Hash
9f9fec232938e3606fe4334a57610ba7
ec0d02f0018575ff3fff44ae456eac0c39d61db0
b535a1ca3883b73b8f500a4c92ffcd3dcee234fb9bd895bf8a716e399bbd3588

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /app/templates/images/rfr.svg HTTP/1.1
Host: aide-client.skoa.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aide-client.skoa.li/app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:03:31 GMT
content-type: image/svg+xml
content-length: 13680
last-modified: Tue, 20 Jul 2021 14:15:06 GMT
etag: "60f6da6a-3570"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
248ce16379b12f11927ecc3142aec450
fa5b189f2d9182479170cb61cc1723571e437bd2
a8d259b331bdefb00625b9bf057d44d0b3290fda0734c57eda187b04e23d59d4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8D259B331BDEFB00625B9BF057D44D0B3290FDA0734C57EDA187B04E23D59D4"
Last-Modified: Wed, 08 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14475
Expires: Thu, 09 Feb 2023 07:04:46 GMT
Date: Thu, 09 Feb 2023 03:03:31 GMT
Connection: keep-alive

fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

142.250.74.35

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Size
17 kB (16740 bytes)
Hash
e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

HTTP Headers

GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://aide-client.skoa.li
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 06:20:58 GMT
expires: Wed, 07 Feb 2024 06:20:58 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
age: 160953
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

aide-client.skoa.li/app/templates/polices/glyphicons-halflings-regular.woff2

2.56.247.11

200 OK

18 kB

URL HTTP/2
aide-client.skoa.li/app/templates/polices/glyphicons-halflings-regular.woff2
IP
2.56.247.11:0
ASN
#0

File type
Web Open Font Format (Version 2), TrueType, length 18028, version 1.589\012- data
Size
18 kB (18028 bytes)
Hash
448c34a56d699c29117adc64c43affeb
ca35b697d99cae4d1b60f2d60fcd37771987eb07
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /app/templates/polices/glyphicons-halflings-regular.woff2 HTTP/1.1
Host: aide-client.skoa.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://aide-client.skoa.li/app/templates/styles/commun.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:03:31 GMT
content-type: font/woff2
content-length: 18028
last-modified: Tue, 20 Jul 2021 14:15:04 GMT
etag: "60f6da68-466c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

aide-client.skoa.li/app/templates/polices/dgfip_dgfipicons.woff

2.56.247.11

200 OK

94 kB

URL HTTP/2
aide-client.skoa.li/app/templates/polices/dgfip_dgfipicons.woff
IP
2.56.247.11:0
ASN
#0

File type
Web Open Font Format, TrueType, length 93700, version 1.0\012- data
Size
94 kB (93700 bytes)
Hash
53f606d531c08964174e91d4c4dfb345
daf42355520971c9b707756869f269c77e0eddf4
254798574aeb4e94ef4b45f271e804f0b63eb45def80468d9af516213ebe13dd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /app/templates/polices/dgfip_dgfipicons.woff HTTP/1.1
Host: aide-client.skoa.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://aide-client.skoa.li/app/templates/styles/commun.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:03:31 GMT
content-type: font/woff
content-length: 93700
last-modified: Tue, 20 Jul 2021 14:15:04 GMT
etag: "60f6da68-16e04"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 03:03:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

aide-client.skoa.li/app/templates/images/logo.svg

2.56.247.11

200 OK

54 kB

URL HTTP/2
aide-client.skoa.li/app/templates/images/logo.svg
IP
2.56.247.11:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (54335), with no line terminators
Size
54 kB (54335 bytes)
Hash
98667a7d9e5511a5d145881316f7d027
b358a39c8be4765a2ef175feb12f02bc7dfe1301
eb00a60062dad3584d01aac5b8797e80dc3b53440e7c9922d302a31a0dc4a14c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /app/templates/images/logo.svg HTTP/1.1
Host: aide-client.skoa.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aide-client.skoa.li/app/templates/styles/commun.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:03:31 GMT
content-type: image/svg+xml
content-length: 54335
last-modified: Tue, 20 Jul 2021 14:15:06 GMT
etag: "60f6da6a-d43f"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

www.impots.gouv.fr/portail/sites/all/themes/impotsgouv/favicon.ico

152.199.19.61

301 Moved Permanently

273 B

URL HTTP/2
www.impots.gouv.fr/portail/sites/all/themes/impotsgouv/favicon.ico
IP
152.199.19.61:0
ASN
#15133 EDGECAST

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
273 B (273 bytes)
Hash
ad6306c636cce3eeed000fc2d312187f
8c0249380a3c7a1d990e26b3aa3b3c31b8eb9ff3
78ab2d21260c5214e7f1c114a8c374141edc9532b803400ca71928eb4e12eb25

HTTP Headers

GET /portail/sites/all/themes/impotsgouv/favicon.ico HTTP/1.1
Host: www.impots.gouv.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aide-client.skoa.li/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
age: 64584
cache-control: must-revalidate
content-type: text/html; charset=iso-8859-1
date: Wed, 08 Feb 2023 09:07:07 GMT
expires: Wed, 22 Feb 2023 09:07:07 GMT
location: https://www.impots.gouv.fr/sites/all/themes/impotsgouv/favicon.ico
server: ECAcc (ska/F7BB)
strict-transport-security: max-age=34560000; includeSubDomains
x-content-type-options: nosniff
content-length: 273
X-Firefox-Spdy: h2

push.services.mozilla.com/

54.184.253.181

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.184.253.181:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: l6X2n/D5MrtbFsQ8Sxbtyw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: pQCdeDZrERNK6VKt25Ux+ewPLJQ=

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3574
Expires: Thu, 09 Feb 2023 04:03:06 GMT
Date: Thu, 09 Feb 2023 03:03:32 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3574
Expires: Thu, 09 Feb 2023 04:03:06 GMT
Date: Thu, 09 Feb 2023 03:03:32 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3574
Expires: Thu, 09 Feb 2023 04:03:06 GMT
Date: Thu, 09 Feb 2023 03:03:32 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3574
Expires: Thu, 09 Feb 2023 04:03:06 GMT
Date: Thu, 09 Feb 2023 03:03:32 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg

34.120.237.76

200 OK

15 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
15 kB (15019 bytes)
Hash
95081172f8e19d19921acc802488e019
8531c150cb11de44361a95624b11cf46b9e0ba02
7a2d8f012c7d590f3f39ad834d4f3f9fb729143b7395bc588bd608b5bdee039b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 15019
x-amzn-requestid: 574e3e2c-2fbe-4215-9500-021147338832
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f583LHiioAMFqkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a82d-4f12aac524c39f822ca4f422;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:11:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _3jIo3Giw3zmTmnSkJArAllT6uigN7EEzLPfkGpd6168_mSdqdk_Cg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 08:24:16 GMT
age: 67156
etag: "8531c150cb11de44361a95624b11cf46b9e0ba02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9b1dd9f-46ec-46f2-834f-c34f99ef0176.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.9 kB (4928 bytes)
Hash
087325c404f5b0b8e1bc800c167d6213
da37e1568089cf3536a8fe8304623694b7897326
a21b9844ebaac9fb408fc4d557badfbff0715cee7b5f3c8b9c628cdd1286dbe6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9b1dd9f-46ec-46f2-834f-c34f99ef0176.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4928
x-amzn-requestid: 6f2d290e-118c-47f8-9804-440b6fad05e0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f86gZEhHIAMFX5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e1d79b-3bac9dcf09ea66fc4f04abbe;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 04:46:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wctSz3UwyRPsJCr9NfQDidMAMn0Wl13VP2Jt0C1nfVFKqKqiDnu_nA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:20:58 GMT
age: 16954
etag: "da37e1568089cf3536a8fe8304623694b7897326"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F844d5320-b850-4dd9-87c4-2b4f17eb895e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8717 bytes)
Hash
82ed633b05ccadc8b87e83413641f1ef
aafed39990cf6a3391d53355085d816167a500fa
c9202e36b231d0a9a9cba1ff8f570e5b0fbba215eb6b28e3989fd442ee7f5835

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F844d5320-b850-4dd9-87c4-2b4f17eb895e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8717
x-amzn-requestid: dbb8b5a2-d3f6-42e2-8778-da19de081cb8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f2c0LHaiIAMF5cA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63df41b4-309b6b1f651f68453dd52f55;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 05:42:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hBfl0rPzn_iOD9xRlc236_IEvyGlK5WteH1y4cd0aYxlFzd3RVfgkQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:42:47 GMT
age: 19245
etag: "aafed39990cf6a3391d53355085d816167a500fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac74c9c-b95e-40f4-a5ca-7180c40cc241.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7450 bytes)
Hash
ce710ab5746832fe637fada3e6d63abf
d545c85d4a8cf92dc8b88db0a056623d1ef7a943
40bae4a2fb9dd60e9339d15ad0838f3ca83b5b6275c35cd22878b6783fcd6247

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac74c9c-b95e-40f4-a5ca-7180c40cc241.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7450
x-amzn-requestid: c3dabd4b-797b-4bbe-8824-5f502ff477b0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2aG-IoAMFfnQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf5-68de905b2ed5bfe46a87e688;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AX-TsURes3Bn0RrAnH7TnsouJdkcOpbq7f7KAzPMWq4RMBH8FWMz7g==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 17:45:22 GMT
age: 33490
etag: "d545c85d4a8cf92dc8b88db0a056623d1ef7a943"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9614e0f-1b62-40ec-b140-9464c5527d5e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5241 bytes)
Hash
403cadd5f6beb14f5d2a4dd9eafc68d3
4724b4929c1afcc134ead274238725e4ce729b26
13d7b7ca88de8341e3ec835a5a7d8c79bc50a136aff8eb90aa3c2267f3e8cc08

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9614e0f-1b62-40ec-b140-9464c5527d5e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5241
x-amzn-requestid: 3ffb8a54-178e-4574-9662-8dc7696203fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ACiy0FOqIAMFaKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e41811-26219fa14a85f6e81e4cf129;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 21:45:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8U_d5u2rtXAyLLBhRZ3BbQkFOc5gxZIPhnyL5XOvjGV6-8KqWyn8FQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:08:52 GMT
etag: "4724b4929c1afcc134ead274238725e4ce729b26"
content-type: image/jpeg
age: 17680
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F049f3f10-52dc-41ec-990c-719ee36485c7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.6 kB (3599 bytes)
Hash
10fd2f55fa0cfb8616ded6ddc2bb511a
996ed68f1b9770a19a97f6c8d359e338b8c8b3ca
e552d31a5e531386b9830bb58486f09bfcb3400676f726f93fdbea08336a09da

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F049f3f10-52dc-41ec-990c-719ee36485c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3599
x-amzn-requestid: 658f8678-b67d-4f98-b728-cf9cbad3aa86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ABI38GUpIAMFY0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e38832-2ab19d0f2345fc7515775298;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 11:32:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oBM94J-bP0KLv3VUKHBQcndevBxzLc1rQ27Mc4Z_C-CGOyCH_FlKDw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:14:59 GMT
age: 30692
etag: "996ed68f1b9770a19a97f6c8d359e338b8c8b3ca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

aide-client.skoa.li/app/templates/styles/commun.css

2.56.247.11

200 OK

0 B

URL HTTP/2
aide-client.skoa.li/app/templates/styles/commun.css
IP
2.56.247.11:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /app/templates/styles/commun.css HTTP/1.1
Host: aide-client.skoa.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aide-client.skoa.li/app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:03:30 GMT
content-type: text/css
last-modified: Tue, 20 Jul 2021 14:15:02 GMT
etag: W/"60f6da66-11cf"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.impots.gouv.fr/sites/all/themes/impotsgouv/favicon.ico

152.199.19.61

404 Not Found

0 B

URL HTTP/2
www.impots.gouv.fr/sites/all/themes/impotsgouv/favicon.ico
IP
152.199.19.61:0
ASN
#15133 EDGECAST

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sites/all/themes/impotsgouv/favicon.ico HTTP/1.1
Host: www.impots.gouv.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aide-client.skoa.li/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 404 Not Found
age: 0
cache-control: must-revalidate
content-language: fr
content-type: text/html; charset=UTF-8
date: Thu, 09 Feb 2023 03:03:31 GMT
expires: Thu, 09 Feb 2023 03:04:31 GMT
from-origin: same
permissions-policy: interest-cohort=()
server: ECAcc (ska/F69C)
strict-transport-security: max-age=34560000; includeSubDomains
x-content-type-options: nosniff, nosniff
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=edge
x-xss-protection: 1
X-Firefox-Spdy: h2

aide-client.skoa.li/app/templates/js/dyn/idContact.js

2.56.247.11

200 OK

0 B

URL HTTP/2
aide-client.skoa.li/app/templates/js/dyn/idContact.js
IP
2.56.247.11:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /app/templates/js/dyn/idContact.js HTTP/1.1
Host: aide-client.skoa.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aide-client.skoa.li/app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:03:30 GMT
content-type: application/javascript
last-modified: Tue, 20 Jul 2021 14:15:04 GMT
etag: W/"60f6da68-864"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

aide-client.skoa.li/app/templates/js/dyn/messages.js

2.56.247.11

200 OK

0 B

URL HTTP/2
aide-client.skoa.li/app/templates/js/dyn/messages.js
IP
2.56.247.11:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /app/templates/js/dyn/messages.js HTTP/1.1
Host: aide-client.skoa.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aide-client.skoa.li/app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:03:30 GMT
content-type: application/javascript
last-modified: Tue, 20 Jul 2021 14:15:04 GMT
etag: W/"60f6da68-291e"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

aide-client.skoa.li/app/templates/styles/bootstrap.min.css

2.56.247.11

200 OK

0 B

URL HTTP/2
aide-client.skoa.li/app/templates/styles/bootstrap.min.css
IP
2.56.247.11:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /app/templates/styles/bootstrap.min.css HTTP/1.1
Host: aide-client.skoa.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aide-client.skoa.li/app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:03:30 GMT
content-type: text/css
last-modified: Tue, 20 Jul 2021 14:15:02 GMT
etag: W/"60f6da66-1a445"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

aide-client.skoa.li/app/templates/styles/mire.css

2.56.247.11

200 OK

0 B

URL HTTP/2
aide-client.skoa.li/app/templates/styles/mire.css
IP
2.56.247.11:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /app/templates/styles/mire.css HTTP/1.1
Host: aide-client.skoa.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aide-client.skoa.li/app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:03:30 GMT
content-type: text/css
last-modified: Tue, 20 Jul 2021 14:15:02 GMT
etag: W/"60f6da66-971"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

aide-client.skoa.li/app/templates/js/bootstrap.min.js

2.56.247.11

200 OK

0 B

URL HTTP/2
aide-client.skoa.li/app/templates/js/bootstrap.min.js
IP
2.56.247.11:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /app/templates/js/bootstrap.min.js HTTP/1.1
Host: aide-client.skoa.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aide-client.skoa.li/app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:03:30 GMT
content-type: application/javascript
last-modified: Tue, 20 Jul 2021 14:15:04 GMT
etag: W/"60f6da68-8213"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

aide-client.skoa.li/app/templates/js/dyn/auth2019v3.js

2.56.247.11

200 OK

0 B

URL HTTP/2
aide-client.skoa.li/app/templates/js/dyn/auth2019v3.js
IP
2.56.247.11:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /app/templates/js/dyn/auth2019v3.js HTTP/1.1
Host: aide-client.skoa.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aide-client.skoa.li/app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:03:30 GMT
content-type: application/javascript
last-modified: Tue, 20 Jul 2021 14:15:04 GMT
etag: W/"60f6da68-1323a"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

rawgit.com/RobinHerbots/jquery.inputmask/3.x/dist/jquery.inputmask.bundle.js

188.114.97.1

200 OK

0 B

URL HTTP/2
rawgit.com/RobinHerbots/jquery.inputmask/3.x/dist/jquery.inputmask.bundle.js
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /RobinHerbots/jquery.inputmask/3.x/dist/jquery.inputmask.bundle.js HTTP/1.1
Host: rawgit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aide-client.skoa.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 09 Feb 2023 03:03:30 GMT
content-type: application/javascript;charset=utf-8
x-content-type-options: nosniff
x-robots-tag: none
access-control-allow-origin: *
link: <https://rawgit.com/>; rel="sunset"; title="RawGit will soon shut down. Please stop using it."
sunset: Tue, 01 Oct 2019 00:00:00 GMT
etag: W/"239e0cb721224bc76940cfad39ef0f2ecf1de110e9a777ecc9e2fefa91c0fe7b"
cache-control: max-age=3600, s-maxage=300
vary: Accept-Encoding
rawgit-cache-status: HIT
cf-cache-status: HIT
age: 209
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vvZGRiVyPJECLNKuEcEBt6KOIxQk9NeGuRdwJXj6crKGhCSOZtXGqjc80Ip%2Buqw3ZX3zrQ4I78FmBNRqhCVpty2OnzukvXhNSXc4r1uzqY2rSUojmJh1sYIx%2FnDS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; preload
server: cloudflare
cf-ray: 79695f506dd50afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans&subset=latin-ext

142.250.74.74

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans&subset=latin-ext
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans&amp;subset=latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aide-client.skoa.li/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 09 Feb 2023 03:03:30 GMT
date: Thu, 09 Feb 2023 03:03:30 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML